<?php

class Plugin_UserAccess extends Zend_Controller_Plugin_Abstract
{
	protected $_acl;
	protected $_auth;
	
	public function __construct(Zend_Acl $acl){
		$this->_acl = $acl;
		$this->_auth = Zend_Auth::getInstance();
	}
	
	public function preDispatch(Zend_Controller_Request_Abstract $request){
		$resource = $request->getControllerName();
		$privilege = $request->getActionName();
		
		$role = 'guest';
		if( $this->_auth->hasIdentity()){
			$user = $this->_auth->getIdentity();
			$role = $user->role;
		}
		
		if ( !$this->_acl->isAllowed($role,$resource,$privilege) ){
			$request->setModuleName('default')
					->setControllerName('user')
					->setActionName('login');
		}
	}
}